blogTILLuDROP

Today I published my git repository of the tool I started to write to supply a upstream release monitoring service to Fedora. Some time ago Michał Bentkowski wrote a tool called FEVer to do this, but he became unresposive and did not publish the full code of FEVer. Since I missed this service, I started to write a new tool, that can provide the same service, which is currently called “cnucnu”, because of the lack of a better name. It does not have any bugzilla reporting features yet, but they will be added eventually. At the time of this posting, it only supports to check all packages that are listed on the Fedora wiki page of FEVer and to test regular expressions for easy development of one for a new package.

I just wanted to try out preupgrade to update to Fedora 11, but then I was disappointed that it does not verify securely what it is downloading and installing onto my system. And even worse, this is not even announced by preupgrade. It is so strange, on the one hand all rpm packages are signed and even the algorithms used are updated, but on the other hand the signatures are not used. So please be aware that if you use preupgrade, it will not verify that the installed content came from Fedora.

I just registered for BruCON, because the early bird tickets are only available for two more days. Will you come, too? It would be nice to meet some Fedorians there, but I guess I would have more luck at some generic FOSS conference.